Search in sources :

Example 21 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class BulkOperationSample method main.

public static void main(String[] args) {
    if (args.length != 4) {
        System.out.println("Usage: java BulkOperationSample <username>" + " <password>" + " <keyname> <datafile>");
        System.exit(-1);
    }
    String userName = args[0];
    String password = args[1];
    String keyName = args[2];
    String fileName = args[3];
    NAESession session = null;
    try {
        // Getting session and key
        session = NAESession.getSession(userName, password.toCharArray());
        NAEKey key = NAEKey.getSecretKey(keyName, session);
        // Getting instance for the bulk operation. Should be called
        // whenever bulk operation needs to be performed.
        AbstractNAECipher encryptCipher = NAECipher.getInstanceForBulkData("AES/GCM/NoPadding", "IngrianProvider");
        // read the contents from the file and write into the arrays
        readContentsFromFileAndWriteToArrays(fileName);
        // initializing the cipher for encrypt operation
        encryptCipher.init(Cipher.ENCRYPT_MODE, key, spec[0]);
        // Map to store exceptions while encryption
        Map<Integer, String> encryptedErrorMap = new HashMap<Integer, String>();
        // performing bulk operation
        byte[][] encryptedData = encryptCipher.doFinalBulk(data, spec, encryptedErrorMap);
        // displaying the encrypted data
        displayData(encryptedData, "Encrypted data");
        // cipher instance for decryption
        AbstractNAECipher decryptCipher = NAECipher.getInstanceForBulkData("AES/GCM/NoPadding", "IngrianProvider");
        // initializing the cipher for decrypt operation
        decryptCipher.init(Cipher.DECRYPT_MODE, key, spec[0]);
        // Map to store exceptions while decryption
        Map<Integer, String> decryptedErrorMap = new HashMap<Integer, String>();
        // performing bulk operation
        byte[][] decryptedData = decryptCipher.doFinalBulk(encryptedData, spec, decryptedErrorMap);
        // displaying the decrypted data
        displayData(decryptedData, "Decrypted Data ");
    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        // releasing session
        if (session != null) {
            session.closeSession();
        }
    }
}
Also used : NAEKey(com.ingrian.security.nae.NAEKey) AbstractNAECipher(com.ingrian.security.nae.AbstractNAECipher) HashMap(java.util.HashMap) NAESession(com.ingrian.security.nae.NAESession) IOException(java.io.IOException)

Example 22 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class CachingSample method oneShotEncrypt.

public void oneShotEncrypt(NAESession session, String keyname, String algorithm, String plainText, String ivStr) {
    Cipher encryptCipher = null;
    Cipher decryptCipher = null;
    try {
        NAEKey pkey = NAEKey.getSecretKey(keyname, session);
        encryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
        if (ivStr == null) {
            encryptCipher.init(Cipher.ENCRYPT_MODE, pkey);
            byte[] outbuf = encryptCipher.doFinal(plainText.getBytes());
            decryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
            decryptCipher.init(Cipher.DECRYPT_MODE, pkey);
            byte[] newbuf = decryptCipher.doFinal(outbuf);
            System.out.println("Decrypted data  \"" + new String(newbuf) + "\"");
        } else {
            byte[] iv = ivStr.getBytes();
            IvParameterSpec ivSpec = new IvParameterSpec(iv);
            encryptCipher.init(Cipher.ENCRYPT_MODE, pkey, ivSpec);
            byte[] outbuf = encryptCipher.doFinal(plainText.getBytes());
            decryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
            decryptCipher.init(Cipher.DECRYPT_MODE, pkey, ivSpec);
            byte[] newbuf = decryptCipher.doFinal(outbuf);
            System.out.println("Decrypted data  \"" + new String(newbuf) + "\"");
        }
    } catch (Exception e) {
        e.printStackTrace();
        System.out.println("Exception = " + e);
    }
}
Also used : NAEKey(com.ingrian.security.nae.NAEKey) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher)

Example 23 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPDatesAndStatesSample method main.

public static void main(String[] args) throws Exception {
    String keyName = null;
    int keyLength = 256;
    if (args.length != 3) {
        usage();
    }
    keyName = args[2];
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // create KMIP Session - specify client X.509 certificate and keystore password
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        // create key custom attributes
        NAEKey key = null;
        deleteIfExists(keyName, session, key);
        /* create a secret key using JCE key generator */
        NAEParameterSpec spec = new NAEParameterSpec(keyName, keyLength, (KMIPAttributes) null, session);
        KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
        kg.init(spec);
        SecretKey secretKey = kg.generateKey();
        System.out.println("Created new key " + ((NAEKey) secretKey).getName());
        /* cast to NAEKey and list the default attribute names */
        Set<String> defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
        System.out.println(defaultAttributes);
        key = ((NAEKey) secretKey);
        KMIPAttributes getState = new KMIPAttributes();
        getState.add(KMIPAttribute.State);
        getState.add(KMIPAttribute.ActivationDate);
        getState.add(KMIPAttribute.InitialDate);
        getState.add(KMIPAttribute.DeactivationDate);
        KMIPAttributes gotState = key.getKMIPAttributes(getState);
        System.out.println("State = " + gotState.getState());
        System.out.println("InitialDate  = " + sdf.format(gotState.getDate(KMIPAttribute.InitialDate).getTime()));
        System.out.println("ActivationDate  = " + ((gotState.getDate(KMIPAttribute.ActivationDate) != null) ? sdf.format(gotState.getDate(KMIPAttribute.ActivationDate).getTime()) : "null"));
        key = ((NAEKey) secretKey);
        System.out.println("Activating:");
        key.activate();
        gotState = key.getKMIPAttributes(getState);
        defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
        System.out.println(defaultAttributes);
        System.out.println("State = " + gotState.getState());
        System.out.println("ActivationDate  = " + ((gotState.getDate(KMIPAttribute.ActivationDate) != null) ? sdf.format(gotState.getDate(KMIPAttribute.ActivationDate).getTime()) : "null"));
        // now deactivate it
        Calendar c = Calendar.getInstance();
        c.setTimeInMillis((gotState.getDate(KMIPAttribute.ActivationDate)).getTime().getTime());
        System.out.println("Deactivating as of " + sdf.format(c.getTime()));
        KMIPAttributes modDates = new KMIPAttributes();
        modDates.addDate(KMIPAttribute.DeactivationDate, c);
        key.addKMIPAttributes(modDates);
        ;
        defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
        System.out.println(defaultAttributes);
        gotState = key.getKMIPAttributes(getState);
        System.out.println("State = " + gotState.getState());
        System.out.println("Dectivation Date  = " + ((gotState.getDate(KMIPAttribute.DeactivationDate) != null) ? sdf.format(gotState.getDate(KMIPAttribute.ActivationDate).getTime()) : "null"));
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) KMIPAttributes(com.ingrian.security.nae.KMIPAttributes) NAEKey(com.ingrian.security.nae.NAEKey) Calendar(java.util.Calendar) NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate) IngrianProvider(com.ingrian.security.nae.IngrianProvider) KMIPSession(com.ingrian.security.nae.KMIPSession) SecretKey(javax.crypto.SecretKey) KeyGenerator(javax.crypto.KeyGenerator)

Example 24 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPCreateSymmetricKeySample method main.

public static void main(String[] args) throws Exception {
    String keyName = null;
    int keyLength = 256;
    if (args.length != 3) {
        usage();
    }
    keyName = args[2];
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // create KMIP Session - specify client X.509 certificate and keystore password
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        NAEKey key;
        try {
            /* does the key exist? if so, delete it */
            /* get..Key method is merely a placeholder for a managed object 
                * with that name. */
            key = NAEKey.getSecretKey(keyName, session);
            /* getUID() will throw an exception if the key does not exist */
            if (key.getUID() != null) {
                // exists if Unique Identifier is not null
                System.out.println("Deleting key " + keyName + " with UID=" + key.getUID());
                key.delete();
            }
        } catch (Exception notFound) {
        }
        /* create a secret key on the Key Manager using JCE key generator */
        KMIPAttributes initialAttributes = new KMIPAttributes();
        initialAttributes.add(KMIPAttribute.CryptographicUsageMask, (int) (UsageMask.Encrypt.getValue() | UsageMask.Decrypt.getValue()));
        NAEParameterSpec spec = new NAEParameterSpec(keyName, keyLength, (KMIPAttributes) initialAttributes, session);
        KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
        kg.init(spec);
        SecretKey secretKey = kg.generateKey();
        System.out.println("Created key " + ((NAEKey) secretKey).getName());
        /* cast to NAEKey and list the default attribute names */
        Set<String> defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
        System.out.println(defaultAttributes);
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : KMIPAttributes(com.ingrian.security.nae.KMIPAttributes) NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) SecretKey(javax.crypto.SecretKey) NAEKey(com.ingrian.security.nae.NAEKey) NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate) KeyGenerator(javax.crypto.KeyGenerator) NAEException(com.ingrian.security.nae.NAEException) IngrianProvider(com.ingrian.security.nae.IngrianProvider) KMIPSession(com.ingrian.security.nae.KMIPSession)

Example 25 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class WrapKeySample method main.

public static void main(String[] args) {
    Security.addProvider(new IngrianProvider());
    if (args.length != 5) {
        System.err.println("Usage: java WrapKeySample user password keyToWrapName wrappingKeyName groupName");
        System.exit(-1);
    }
    String userName = args[0];
    String passWord = args[1];
    String keyToWrapName = "WrapSamplePair" + args[2];
    String wrappingKeyName = "WrapSampleKey" + args[3];
    String groupName = args[4];
    NAESession session = null;
    try {
        // Create an NAESession.
        session = NAESession.getSession(userName, passWord.toCharArray());
        NAEParameterSpec spec = new NAEParameterSpec(keyToWrapName, true, true, 256, session);
        // Delete any existing keys from this sample.
        NAEKey keyToDelete = NAEKey.getSecretKey(keyToWrapName, session);
        deleteExistingKeys(wrappingKeyName, session, keyToDelete);
        // Generate an AES key to be wrapped when exported.
        KeyGenerator generator = KeyGenerator.getInstance("AES", "IngrianProvider");
        // NAEEParameters to pass session
        generator.init(spec);
        NAEKey keyToBeWrapped = (NAEKey) generator.generateKey();
        // Create a public/private RSA key pair to do the key wrapping.
        // The AES key will be wrapped with the RSA Public Key, and
        // later unwrapped using the RSA Private Key.
        KeyPair pair = createKeyPair(session, groupName, wrappingKeyName);
        NAEPublicKey publicKey = NAEKey.getPublicKey(wrappingKeyName, session);
        NAEPrivateKey privateKey = NAEKey.getPrivateKey(wrappingKeyName, session);
        // Init a JCE Cipher in WRAP_MODE to do the key wrapping.
        Cipher cipher = Cipher.getInstance("RSA", "IngrianProvider");
        cipher.init(Cipher.WRAP_MODE, publicKey, spec);
        // Wrap and export the wrapped AES Key from the Key Manager
        // using the cipher.wrap method.
        // The key is wrapped with the Public key from the key pair
        // on the Key Manager which was generated earlier.
        byte[] wrappedKey = cipher.wrap(keyToBeWrapped);
        System.out.println("wrapped  : " + IngrianProvider.byteArray2Hex(wrappedKey));
        System.out.println("Length   : " + wrappedKey.length);
        // Unwrap the AES key using the private key of the
        // generated key pair using the SunJCE provider.
        // Export the NAEPrivate key as a JCE PrivateKey.
        PrivateKey prKey = privateKey.exportJCEKey();
        // Initialize a Cipher based on the SunJCE provider.
        // For IBM Java, change the provider from "SunJCE" to "IBMJCE"
        // Note the use of PKCS1Padding.
        Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding", "SunJCE");
        cipher2.init(Cipher.UNWRAP_MODE, prKey);
        // Unwrap the wrapped key from the bytes returned from the
        // Key Manager.
        Key unWrappedKey = cipher2.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        System.out.println("Unwrapped: " + IngrianProvider.byteArray2Hex(unWrappedKey.getEncoded()));
        System.out.println("Original : " + IngrianProvider.byteArray2Hex(keyToBeWrapped.export()));
        if (Arrays.equals(keyToBeWrapped.export(), unWrappedKey.getEncoded()))
            System.out.println("Unwrapped key bytes equal original key bytes");
    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) KeyPair(java.security.KeyPair) NAEKey(com.ingrian.security.nae.NAEKey) PrivateKey(java.security.PrivateKey) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Cipher(javax.crypto.Cipher) KeyGenerator(javax.crypto.KeyGenerator) NAESession(com.ingrian.security.nae.NAESession) Key(java.security.Key) PrivateKey(java.security.PrivateKey) NAEKey(com.ingrian.security.nae.NAEKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey)

Aggregations

NAEKey (com.ingrian.security.nae.NAEKey)32 IngrianProvider (com.ingrian.security.nae.IngrianProvider)25 NAESession (com.ingrian.security.nae.NAESession)20 Cipher (javax.crypto.Cipher)12 KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)10 KMIPSession (com.ingrian.security.nae.KMIPSession)10 NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)10 NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)10 Provider (java.security.Provider)10 KeyGenerator (javax.crypto.KeyGenerator)9 NAEException (com.ingrian.security.nae.NAEException)8 IvParameterSpec (javax.crypto.spec.IvParameterSpec)8 NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)7 NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)7 NAESecretKey (com.ingrian.security.nae.NAESecretKey)7 SecretKey (javax.crypto.SecretKey)7 KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)5 NAECipher (com.ingrian.security.nae.NAECipher)5 NAESecureRandom (com.ingrian.security.nae.NAESecureRandom)5 GCMParameterSpec (com.ingrian.security.nae.GCMParameterSpec)3